HackingZone (Total Bounty: $180)


  • Reflected XSS in SAMSUNG SDS (Inweol Bae)
  • Reflected XSS in VOCAENDING (Jeongwon Jo)
  • Stored XSS in VOCAENDING (Bounty: $60/Sunwoo Hwang)
  • Stored XSS in VOCAENDING * 2 (Bounty: $120/Jeongwon Jo)
  • Vulnerable Session Management in READIT (Jeongwon Jo)
  • Reflected XSS in READIT * 3 (Jeongwon Jo)
  • Broken Authentication in READIT (Sunwoo Hwang)
  • Use of a Broken or Risky Cryptographic Algorithm in JEJUPASSRENT (Jeongwon Jo)
  • Exposure of Sensitive Information in JEJUPASSRENT * 2 (Jeongwon Jo)
  • No threshold in JEJUPASSRENT (Jeongwon Jo)
  • DOM Based XSS in JEJUPASSRENT * 2 (Jeongwon Jo)
  • Open Redirect in JEJUPASSRENT (Jeongwon Jo)
  • Exposure of Admin Page in JEJUPASSRENT (Inweol Bae)